SOC 2 Compliance



ioMoVo is committed to ensuring the security, confidentiality, and availability of our customers' data. We have successfully completed the SOC 2 Type II audit for our AI-powered Digital Asset Platform, demonstrating our adherence to the highest standards of data protection and operational integrity.

What is SOC 2?

SOC 2, developed by the American Institute of Certified Public Accountants (AICPA), is a set of criteria for managing customer data based on five "trust service principles"—security, availability, processing integrity, confidentiality, and privacy. This compliance is crucial for service organizations that store customer data in the cloud, ensuring they manage data securely to protect the interests of their organization and the privacy of their clients.

Independent Service Auditor’s Report

The SOC 2 Type II report provides an independent assessment of ioMoVo's control environment. Our controls are designed to meet the trust service criteria for Security, Confidentiality, and Availability.

Key Elements of Our SOC 2 Compliance

  1. Security
    • Access Control: Ensuring only authorized personnel can access the system
    • Security Configuration: Implementation of strong passwords, account lockout mechanisms, and secure configuration of IT assets.
    • Vulnerability Management: Regular vulnerability assessments and penetration tests to identify and address potential security risks.
  2. Confidentiality
    • Data Retention and Disposal: Policies for the secure retention and disposal of data as soon as it is no longer needed.
    • Confidentiality Agreements: All employees sign confidentiality agreements upon joining, and these are reviewed annually​.
    • Customer Communication: Changes in confidentiality practices are communicated to customers, and incidents impacting external users are promptly reported.
  3. Availability
    • System Monitoring: Continuous monitoring of system performance and capacity to ensure high availability.
    • Disaster Recovery and Business Continuity: Comprehensive disaster recovery plans, including regular testing and validation of backup and recovery processes.

Description of ioMoVo Services

ioMoVo provides an advanced Digital Assets Platform that leverages artificial intelligence to enhance collaboration, asset management, and asset search processes. Our services include ioCloud, ioHub, ioAI, ioPortal, and ioFlow.

Control Environment

The internal control environment at ioMoVo reflects our commitment to security and operational excellence. Our policies, procedures, and organizational structure ensure that controls are implemented effectively to meet our security, confidentiality, and availability commitments.

Integrity and Ethical Values

· Code of Conduct: All employees are required to adhere to our code of conduct, which is reinforced through regular training and performance evaluations​.

· Management Philosophy: Our executive management team regularly assesses risks and ensures that appropriate measures are in place to mitigate them.

Trust Services Criteria

Our SOC 2 report covers the following trust service principles:

1. Security: Measures to protect against unauthorized access.

2. Confidentiality: Procedures to ensure confidential information is protected.

3. Availability: Ensuring the system is available for operation and use as committed.

Auditor's Opinion

In the opinion of our independent service auditors, ioMoVo's controls were suitably designed and operated effectively throughout the audit period to meet the applicable trust service criteria.

Contact and Support

For more information about our SOC 2 compliance or to request a copy of our SOC 2 Type II report, please contact our support team.